.deb/.rpm: various fixes related to non-root

* Explicitly chown /var/lib/osmocom to osmocom:osmocom, instead of
  relying on systemd to do it when the service starts up. This does not
  work with the systemd versions in debian 10 and almalinux 8.
* deb: Use "useradd" instead of the interactive "adduser" perl script
  from Debian. This makes it consistent with how we do it in rpm, and
  avoids the dependency on "adduser".
* deb: Consistently use tabs through the file, instead of mixing tabs
  and spaces.
* deb: Remove support for the "dpkg-statoverride --list" logic. This
  seems to be a rather obscure feature to override permissions for
  certain files or directories, for which it does not seem to be a good
  idea to make the postinst script less maintainable. Something similar
  can be achieved by using your own Osmocom config file in a different
  path with different permissions.

Related: OS#4107
Change-Id: Ie34e7aa65e576cf1742a33530a6f44d2344c39d0

3 files changed, 25 insertions, 34 deletions

diff --git a/contrib/libosmo-sccp.spec.in b/contrib/libosmo-sccp.spec.in
index 7e74e18..9d70874 100644
--- a/contrib/libosmo-sccp.spec.in
+++ b/contrib/libosmo-sccp.spec.in
@@ -158,7 +158,8 @@ chown osmocom:osmocom /etc/osmocom/osmo-stp.cfg
 chmod 0660 /etc/osmocom/osmo-stp.cfg
 chown root:osmocom /etc/osmocom
 chmod 2775 /etc/osmocom
-
+mkdir -p /var/lib/osmocom
+chown -R osmocom:osmocom /var/lib/osmocom
 
 %files -n libosmo-mtp-devel
 %dir %{_includedir}/%{name}
diff --git a/debian/control b/debian/control
index 712774c..444604c 100644
--- a/debian/control
+++ b/debian/control
@@ -100,8 +100,7 @@ Multi-Arch: same
 Section: net
 Depends: libosmo-sigtran9,
          ${shlibs:Depends},
-         ${misc:Depends},
-         adduser
+         ${misc:Depends}
 Description: Osmocom SIGTRAN STP (Signaling Transfer Point)
   This is the Osmocom (Open Source Mobile Communications) implementation
   of a Signaling Transfer Point (STP) for SS7/SIGTRAN telecommunication
diff --git a/debian/osmo-stp.postinst b/debian/osmo-stp.postinst
index 94fb408..bfcc1dc 100755
--- a/debian/osmo-stp.postinst
+++ b/debian/osmo-stp.postinst
@@ -1,37 +1,28 @@
 #!/bin/sh -e
-# Create 'osmocom' user and group (if it doesn't exist yet) and adjust permissions
-# of directories which are not automatically adjusted by systemd from previous (root-owned)
-# install.
-
-# N. B: the user is intentionally NOT removed during package uninstall:
-# see https://wiki.debian.org/AccountHandlingInMaintainerScripts for reasoning.
-chperms() {
-	# chperms <user> <group> <perms> <file>
-	if ! OVERRIDE=`dpkg-statoverride --list $4 2>&1`; then
-		if [ -e $4 ]; then
-			chown $1:$2 $4
-			chmod $3 $4
-		fi
-	fi
-}
-
 case "$1" in
-  configure)
-    if ! getent passwd osmocom > /dev/null; then
-        adduser --quiet \
-                --system \
-                --group \
-                --no-create-home \
-                --disabled-password \
-                --home /var/lib/osmocom \
-                --gecos "Open Source Mobile Communications" \
-                osmocom
-    fi
-# Set permissions according to https://www.debian.org/doc/debian-policy/ch-files.html#s-permissions-owners
-    chperms osmocom osmocom 0660 /etc/osmocom/osmo-stp.cfg
-    chperms root osmocom 2775 /etc/osmocom
+	configure)
+		# Create the osmocom group and user (if it doesn't exist yet)
+		if ! getent group osmocom >/dev/null; then
+			groupadd --system osmocom
+		fi
+		if ! getent passwd osmocom >/dev/null; then
+			useradd \
+				--system \
+				--gid osmocom \
+				--home-dir /var/lib/osmocom \
+				--shell /sbin/nologin \
+				--comment "Open Source Mobile Communications" \
+				osmocom
+		fi
 
-  ;;
+		# Fix permissions of previous (root-owned) install (OS#4107)
+		chown osmocom:osmocom /etc/osmocom/osmo-stp.cfg
+		chmod 0660 /etc/osmocom/osmo-stp.cfg
+		chown root:osmocom /etc/osmocom
+		chmod 2775 /etc/osmocom
+		mkdir -p /var/lib/osmocom
+		chown -R osmocom:osmocom /var/lib/osmocom
+		;;
 esac
 
 # dh_installdeb(1) will replace this with shell code automatically